Is there any overlap between already FLOSS applications, whether for mobile (F-Droid for example) or desktop/laptop (GNU+linux for example) and this catalog? Known to date FLOSS applications coming from everywhere, Jami sources for example comes from France and the application is peer-to-peer, XMMP standard protocol specification is governed by the IETF XMPP working group having members from different countries and servers/clients open sources from different people and servers actually all over the world or self hosted… In other words, I don’t know if having an European catalog is what really matters.

In my mind, no matter where you live, if you want your freedom[s] respected, you should prefer free/libre software, or at least open source, though in the later case it can be tweaked in ways ignored by you which might be dangerous or might not. If wanting privacy related applications, then the prior is a must but on top of that e2ee encryption is required, as minimal as possible personal information leakage, and hopefully using distributed applications mainly peer-to-peer though at least decentralized ones (hopefully self-hosting), and also security wise being externally audited if possible. I understand the EU requires the data to be stored and kept only within the EU, but that doesn’t guarantees privacy any ways, and we should learn that the best is not to trust our information to anyone, and better use peer-to-peer whenever possible or zero trust mechanisms with everything encrypted (protecting the user, not the spying mechanisms so called zero-trust, like falcon-sensor).

So I’m a bit confused by people trusting a state or supra-state backed catalogs, when FLOSS should be what conscious users should be looking for. Interoperability is what really resonates to me, but open standards (open document standard comes to mind for example) if used or for example a simple particular version of markdown (the pandoc one for example) and so on, should guarantee that…

Actually, FLOSS is more precise, given the “L” coming from “libre” in castilian (spanish now a days) referring explicitly to freedom. But it so happen open source != free/libre software, therefore open source usually disregard the philosophic aspect of freedom, which might turn against the users interest, which is what GNU guys were trying to prevent all along, because focusing in the practical aspects, without any concern on the principals behind, actually do have implications on the software itself and its usage.

Yeah, Librewolf by default doesn’t use DoT neither DoH, and so your IP is still exposed, but Librewolf had made it fairly easy to change through preferences or the librewolf overrides, whatever more convenient, as stated on its DoH enabling documentation.

deleted by creator

Thanks !

Librewolf is a privacy oriented fork of Firefox, it grabs some setting from arkenfox. Betterbird is not a privacy oriented fork of Thunderbird as far as I remember. When I tried it the only thing I was attracted to was its tray support, but as I use non DE compositors, so far wayfire, labwc and sway (tabbed layout), and as there’s currently a Firefox bug, I didn’t see any reason to keep trying it, and now on sway with tabbed layout I see no reason for a tray any ways…

kixik

Well there’s already a browser on the works, verso, and it also attempts to make servo “embeddable”:

We aim to explore embedding solutions for Servo

Hopefully both project reach 1.0 sooner rather than later. Meanwhile there’s Librewolf at least, and there was Mull, but instead currently there’s IronFox and also FrozenFennec on the works as well, all forks of Firefox oriented to privacy.

see this other post: https://lemmy.ml/post/26518180/16957376

Hint, look at the date this gets pushed, :)

do you mean you use a more privacy oriented fork like Librewolf, or instead some chrome/chromium derivative or fork?

I don’t agree with what is written in that blog BTW, 1st I like that there’s a repo that at least tries as best as it can to protect the free software aspect of the apps, which many disregard but are pretty important to me, that’s one of the main values from f-droid for me. Proprietary binary components can include many invasive “features” one is not aware of. As requirement the source code and building from it is required. If you build from source, removing proprietary dependencies for example you’ll get a different binary, and that requires a new signature on the final package. F-droid has improved a lot on reproducible builds. And I’ve read in several places magnifying the issue of apks from official f-droid being moths later compared to original developer release, my own experience is different, and when I’ve written, I immediately get a reaction from someone which doesn’t agree with me (I never reply back). I’ve read about the single entity signature, but that alone should not be an issue, otherwise we would be distrusting packages from debian, arch, and so on, which use a set of signatures to sign all of their packages, particularly when the build and signing process is automated, in some distros most packages come signed by the same bot. The issue about using a VM with a LTS distro about to expire or already expired is a valid one, but can you blame them when migrating breaks their flows and they don’t have enough hands, and that got overcome any ways. Now a days things are working fine AFAIK. That the clients support multiple repos violate an android policy, oh well, I don’t care much about android policies, and google for that matter, which collects a ton of data from users and people forgets about what that means, but what a bad practice not to follow those policies.

I believe some people really dislike free software, which is not the same as open source, one really need to value the four basic freedoms it procures, and if one doesn’t give a dumb for whatever reason then one doesn’t really appreciate free software, perhaps all one wants is not paid software, which is not the same. Free has two meanings and people often gets confused, and f-droid is about free software. It’s true they can’t guarantee every single bit of their content, but they trying through their policies and a few scripts has value to me, and taking a look at what free software meaning and the basic freedoms it looks to preserve is important to be understood before complaining about an organization trying to offer free software. It would be more appropriate if the terminology changes to use the spanish “libre” word instead, but it is what it is, that why sometimes FOSS is instead referred as FLOS (free/libre or free and libre). And true, as a result developers who want to provide apks through f-droid and also through non free software app stores or repos (whatever makes more sense) need to have in place something to account for the differences, and that’s not optimal, but there’s a good reason for it, but some developers just don’t want to do it and even less not depending on android proprietary stuff or other proprietary stuff for that matter, which is their prerogative any ways.

A little rant of mine, not we all have to agree over the same arguments I guess.

Well, it is available on the IzzyOnDroid separate f-droid repo, so if using the f-droid client, you can still grab freetubeAndroid with it.

Never tried it though, and not sure how bloated for a phone, but it’s easy to install/update with any f-droid client.

ohh, as I set sponsorblock for it some time back, I thought it also did it, but it does not.

Tubular and Libretube (both available on f-droid btw)

Well, to me xmpp is the way to go, but I guess it’s not a matter of opinion, but rather understanding the motivation.

Why is your dad looking for telegram? What caused your dad to look into it? Perhaps digging into those, one can make a case with alternative more private options. For sure one can always argue in general the already mentioned alternatives, and the ones to come are better privacy wide, but it boils down to why is him looking to use telegram. If it’s about having friends or co-workers, or a high school set of friends there, I would think there’s no way to change his mind, :( But more technology arguments like stickers, better voice/video conferences, whatever, then that’s more something that can be argued I would think, the same way if he’s just looking for something more private of course.

I second xmpp + omemo, and would caution that as far as I can remember matrix leaks significant metadata when syncing between instances/services.

As a personal decision I got away from signal (molly in fact) more than a year ago.

I’m also keep jami working with my family, particularly for things not requiring immediate response. It’s a different beast, since it’s p2p, but there’s no server associated to it, no matter if decentralized or not. It’s easy as well, just not as responsive, in particular if looking for immediate responses… I like and keep both, hoping jami improves.

Ohh, I understand now what you’re saying. LOS (upstream) finally allowed uG to work on their images, though not pre-installed with them, it’s mentioned on LOS4uG FAQ, see question Why do we need a custom build of LineageOS to have microG? Can’t I install microG on the official LineageOS?, the answer includes a couple of references to LOS MRs. I was not aware of that, and that makes all derived ROMs inherit such ability from upstream LOS, including divestOS, so now I see what you were talking about. The answer in that FAQ doesn’t indicate that the official F-Droid client can be installed, and even better neither it or it’s lighter official client (that one never supported privileged extension) require privileged extensions to install apps in the background, so no need to install such extension through adb, and once installed the F-Droid client, one can add the microG repo to keep the uG apps up to date. Therefore no need for LOS4uG actually.

The sad thing is that divestOS images/ROMs are no more, since divestOS is dead. I hope LOS ports divestOS’ boot locking/unlocking mechanism from the still available divestOS repos, that would make LOS even better.

The other sad thing is that as LOS4uG signs with its own keys, different than the LOS ones, once you start with such images, unless you can backup everything, apps, apps settings and contents, LOS settings, and so on, without a google account, you’ll have to keep using it, until you change phone, or you are OK with a factory reset and having to set everything again, since moving to LOS implies different signatures and keys, which in turn implies factory reset and further cleanup to make the image work, :( That holds true if wanting to move to divestOS images as well.

Sorry I didn’t understand what you were saying. I’ve been using LOS before it was named like that (cyanogen), and as far as I can remember when uG showed up, LOS decided it didn’t want to support it, and it was until early last year that it decided to finally allow it, though not helping a bit providing it pre-installed, which is fine, because then the user can get to it, or rather Gapps. So I never read back about LOS criteria changing…

What do you suggest? If they get forced to use something encrypted, they won’t choose XMPP for sure, most probably something like whatsapp or telegram.

Being forced to use non standard protocols, and specially non federated ones is also a concern. Where I live, it’s assumed that all clients/users must use whatsapp, so they don’t answer your questions, you can’t ask them anything, you can’t share any doc with them if in need for support, it it’s not through whatsapp. And everyone seems happy with it.

e2ee by itself is not enough for privacy, metadata counts, and on proprietary communication systems one doesn’t even have a clue what data is mined by the company/owners or even worse if they have non disclosed mechanisms to do that or even worse to introduce back doors.

If I’d suggest something, that would be a standard and federated protocol with e2ee like xmpp + omemo. But again, I’d be naive to assume that’s a possibility, if forced to do something corporations will choose what’s more convenient to them not to the user, and that usually translates into proprietary abusive mechanisms.

Now about nerds using gnuPG/openPGP keys, ohh well, thunderbird chose what to me is the wrong path of not using gnuPG underneath (now by default all keys are exposed unencrypted, unless you choose to use TB’s master password for example, between several other limitations, the good thing is that there’s sequoia-octopus-librnp to the rescue), but that path allows them to offer a really easy way for users to interact with openPGP keys. On Android K9, now a days Thunderbird, has made it really easy as well to use gnuPG/openPGP keys when accompanied with openkeychain for example. There’s nothing obscure neither truly complex about current gnuPG/openPGP usage these days. I would agree like 15 years back one really needed to learn how to maintain the gnuPG keyring, how to add and manage public keys and how to manage your own private keys. But even then there was Enigmail, which after TB chose that path turned into just a shell to help move from Enigmail to the chosen TB’s librnp way, and Enigmail made it really easy to do all that gnuPG stuff. Besides thunderbird, which I wouldn’t say is a nerdy thing, there were/are several other easy alternatives to use and handle gnuPG/openPGP keys. So, not really nerdy, I’d think just willing to go a bit beyond what the corporations offer you, for “your own convenience”. But how many people even care? I’d say we’re a sleepy society, accepting everything imposed to us, even when there’s no need to, because of the hassle to look for truly privacy respectful, security respectful (from the user perspective, not just the corporations perspective), and also really important user liberties/freedom respectful, which Today’s corporations with the help of some communities and the banning culture we all embraced, have been successful in convincing us that’s unnecessary in favor of more “practical” alternatives, including proprietary ones…

Phoenix is not a browser, is it? AFAIK it’s a similar user.js to Arkenfox… They claim to be better, and have their on comparison, but I don’t know:

https://codeberg.org/celenity/Phoenix/wiki/Comparison

Arkenfox has been like the default user.js for privacy… Perhaps phoenix already is better…

Regarding omemo, dino is getting there, see its closed issue 1609. Not sure why it has taken them too long for a new release, but they have the stuff already merged.

Ups, I just got to enjoy piped and in particular pipeline on gnu+linux and libretube on AOSP.

Pipeline in particular allows to totally avoid electron (freetube), and in both cases the piped instance is the one communicating with youtube, not me, :) And both applications support sponsorblock (tubular does, but newpipe doesn’t). But not talking directly to youtube is a win. Did I mention dropping another electron app, :) ?

But… I installed pipeline from AUR, because I don’t like flatpak… Not sure if other user repos offer it as well…